Anbu

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 137 Thunderbird versions prior to 137 **Description** The issue allows an attacker to read 32 bits of values spilled onto the stack in a JIT compiled function. This could potentially expose sensitive information. **Recommendations** For Firefox versions prior to 137, update to version 137 or later to resolve the issue. For Thunderbird versions prior to 137, update to version 137 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 136 **Description** The issue arises when the String.toUpperCase() function causes a string to increase in length, potentially incorporating uninitialized memory into the result string. **Recommendations** For versions prior to 136, update to version 136 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 119 Firefox ESR versions prior to 115.4 Thunderbird versions prior to 115.4.1 **Description** The issue is related to the Garbage Collector component in Firefox, Firefox ESR, and Thunderbird, which involves errors in memory deallocation when performing operations on objects. This could lead to a potentially exploitable crash. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service. **Recommendations** For Firefox versions prior to 119, update to version 119 or later. For Firefox ESR versions prior to 115.4, update to version 115.4 or later. For Thunderbird versions prior to 115.4.1, update to version 115.4.1 or later.